Forensicswiki.org has moved to this site, forensicswiki.xyz. For information, please join the Google Group forensicswiki-reborn

Nmap

From Forensics Wiki
Jump to navigation Jump to search
nmap
Maintainer: Gordon Lyon
OS: Linux,Windows, OS X
Genre: Network forensics
License: GPL
Website: nmap.org

Nmap (Network Mapper) is a network security scanner.

Features

General features:

  • Host discovery
  • Port scanning (enumerating open/closed/filtered ports on one or more target hosts)
  • Service detection (determining service types and version numbers)
  • OS detection

Other features:

  • IP protocol scan
  • Uptime detection (using TCP timestamps)
  • Traceroute
  • DNS resolution
  • Idle scan (using "zombies")
  • FTP bounce scan (using proxy FTP connections)
  • etc

Typical uses

  • Identifying open ports on a compromised host
  • Auditing the security of a network, by identifying unexpected computers

External Links